Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 263 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-23996 WordPress ProfilePress Plugin <= 4.5.3 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamProfilePress Medium 5.9 2023-04-06 07:46:41 Deep Dive
CVE-2022-4941 WCFM Membership <= 2.9.10 - Cross-Site Request Forgery wcloversWCFM Membership – WooCommerce Memberships for Multivendor Marketplace Medium 6.3 2023-04-05 18:00:49 Deep Dive
CVE-2022-4940 WCFM Membership <= 2.10.0 - Missing Authorization wcloversWCFM Membership – WooCommerce Memberships for Multivendor Marketplace High 7.3 2023-04-05 18:00:40 Deep Dive
CVE-2022-4939 WCFM Membership <= 2.10.0 - Unauthenticated Privilege Escalation wcloversWCFM Membership – WooCommerce Memberships for Multivendor Marketplace Critical 9.8 2023-04-05 18:00:30 Deep Dive
CVE-2022-41633 WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF) PeepSoCommunity by PeepSo – Social Network, Membership, Registration, User Profiles Medium 5.4 2023-04-04 11:12:16 Deep Dive
CVE-2022-47444 WordPress ProfilePress Plugin <= 4.4.1 is vulnerable to Cross Site Scripting (XSS) ProfilePress Membership TeamPaid Membership Plugin, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content – ProfilePress High 7.1 2023-03-29 12:35:45 Deep Dive
CVE-2020-36666 Multiple e-plugins - Subscriber+ Privilege Escalation Unknowndirectory-pro 高危 -2023-03-27 15:37:27 Deep Dive
CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload UnknownMembership For WooCommerce 超危 -2023-01-30 20:31:42 Deep Dive
CVE-2022-4469 Simple Membership < 4.2.2 - Contributor+ Stored XSS UnknownSimple Membership 中危 -2023-01-16 15:37:43 Deep Dive
CVE-2023-0254 Simple Membership WP user Import <= 1.7 - Authenticated (Admin+) SQL Injection wpinsider-1Simple Membership WP user Import High 7.2 2023-01-12 17:34:26 Deep Dive
CVE-2022-4697 ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.5 2022-12-23 15:11:46 Deep Dive
CVE-2022-4698 ProfilePress <= 4.5.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Form Settings properfractionPaid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress Medium 5.5 2022-12-23 15:09:51 Deep Dive
CVE-2022-3383 Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Remote Code Execution via Multi-Select ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 7.2 2022-11-29 20:40:10 Deep Dive
CVE-2022-3384 Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Admin+) Limited Remote Code Execution via um_populate_dropdown_options ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin High 7.2 2022-11-29 20:39:57 Deep Dive
CVE-2022-3361 Ultimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Contributor+) Directory Traversal via Shortcodes ultimatememberUltimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Medium 4.3 2022-11-29 20:39:44 Deep Dive
CVE-2022-2654 Classima < 2.1.11 - Reflected Cross-Site Scripting UnknownClassified Listing – Classified ads & Business Directory Plugin 中危 -2022-09-16 08:40:31 Deep Dive
CVE-2022-2317 Simple Membership < 4.1.3 - Unauthenticated Membership Privilege Escalation UnknownSimple Membership 超危 -2022-08-01 12:52:01 Deep Dive
CVE-2022-2273 Simple Membership < 4.1.3 - Membership Privilege Escalation UnknownSimple Membership 高危 -2022-08-01 12:51:22 Deep Dive
CVE-2022-1950 Youzify < 1.2.0 - Unauthenticated SQLi UnknownYouzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress 超危 -2022-08-01 12:49:04 Deep Dive
CVE-2021-24655 WP User Manager < 2.6.3 - Arbitrary User Password Reset to Account Compromise UnknownWP User Manager – User Profile Builder & Membership 高危 -2022-07-17 10:35:28 Deep Dive